excel

Almost every person of a technical persuasion who has worked in an office will have some tale of wildly inappropriate use of office technology for a task that could have been accomplished far more simply with an appropriate tool. There are jokes about people photocopying a blank sheet of paper when they need a few sheets themselves, but some of the real stories are very bit as surreal.

[Bjonnh]’s patience for such things was exceeded when he received a screenshot embedded in a Microsoft Word file. His response is both pointless and elegant, a Python script that takes a JPEG image and encodes it into an Excel file. It’s simply an array of cells whose background colours represent the pixels, and he warns us that the output files may take a while to load. We just had to subject it to a test, but are sorry to report that LibreOffice doesn’t seem to want to play ball.

So yes, this is a small departure from our usual fare of hardware, and it serves no use other than to be a fantastically awful misuse of office technology. If you’ve ever been emailed a PowerPoint invitation to the office party though, then maybe you’ll have cracked a smile.

[C Bel] teaches Excel and he has a problem. Most of us — especially us Hackaday types — immediately write a VBA (Visual Basic for Applications) macro to do tough things in Excel. Not only is this difficult for non-technical users, but it also isn’t as efficient, according to [C Bel]. To demonstrate that VBA macros are not always needed, he wrote a 3D game engine using nothing but Excel formulae. He did have to resort to VBA to get user input and in a very few cases to improve the performance of large algorithms. You can see his result in the video below or download it and try it yourself.

The game is somewhat Doom-like. Somewhat. As you might expect it isn’t blindingly fast, and the enemy is a big red blob, but as the old Russian proverb goes, “The marvel is not that the bear dances well, but that the bear dances at all.” (And thanks to [Sean Boyce] for recalling that quote.)

When you want a person to do something, you train them. When you want a computer to do something, you program it. However, there are ways to make computers learn, at least in some situations. One technique that makes this possible is the perceptron learning algorithm. A perceptron is a computer simulation of a nerve, and there are various ways to change the perceptron’s behavior based on either example data or a method to determine how good (or bad) some outcome is.

What’s a Perceptron?

I’m no biologist, but apparently a neuron has a bunch of inputs and if the level of those inputs gets to a certain level, the neuron “fires” which means it stimulates the input of another neuron further down the line. Not all inputs are created equally: in the mathematical model of them, they have different weighting. Input A might be on a hair trigger, while it might take inputs B and C on together to wake up the neuron in question.Continue reading “Machine Learning: Foundations”→

Last time I showed you how to set up a reasonably complex design in a spreadsheet: a common emitter bipolar transistor amplifier. Having the design in a spreadsheet makes it easy to do “what if” scenarios and see the effects on the design almost immediately.

Another advantage that spreadsheets offer is a way to “solve” or optimize equations. That can be very useful once you have your model. For Excel, you need to install the Solver add-in (go to the Excel Options dialog, select Manage Add-Ins, and select the Solver Add-In). You might also enjoy OpenSolver. You can even get that for Google Sheets (although it currently lacks a non-linear solver which makes it less useful for what we need).

Accountants and MBAs use spreadsheets to play “what if” scenarios with business and financial data. Can you do the same thing with electronic circuits? The answer–perhaps not surprisingly–is yes.

Consider this simple common emitter amplifier (I modeled it in PartSim, if you’d like to open it):

In this particular case, there are several key design parameters. The beta of the transistor (current gain) is 220. The amplifier has an overall voltage gain of about 3 (30/10). I say about, because unless the transistor is ideal, it won’t be quite that. The supply voltage (Vcc) is 12 volts and I wanted the collector voltage (VC) to idle at 6V to allow the maximum possible positive and negative swing. I wanted the collector current (IC) to be 200mA.

When you think about serial communications, Microsoft Excel isn’t typically the first program that springs to mind. But this spreadsheet has a rather powerful scripting language hidden away inside it, which can, with a little coding, be used to send and receive data over your serial port. The scripting language is called Visual Basic for Applications (VBA), and it has been a part of Microsoft’s Office suite since 1993. Since then, it has evolved into a powerful (if sometimes frustrating) language that offers a subset of the features from Visual Basic.

It can be a useful tool. Imagine, for instance, that you are logging data from an instrument that has a serial port (or even an emulated one over USB). With a bit of VBA, you could create a spreadsheet that talks to the instrument directly, grabbing the data and processing it as required straight into the spreadsheet. It’s a handy trick that I have used myself several times, and [Maurizio] does a nice job of explaining how the code works, and how to integrate this code into Excel.

[Ronnie] recently posted a new chapter in his adventures in malware deconstruction. This time the culprit was an infected Excel spreadsheet file. The .xls file was attached to a phishing email claiming to be related to a tax rebate. With tax season in full swing, this type of phishing message would be likely to be opened by an inexperienced user.

[Ronnie] saved the file to a virtual machine to prevent his real workstation from getting infected. He then opened it up in Excel and noticed that it immediately attempted to run macros. A macro is essentially visual basic scripting that runs inside of the spreadsheet file. You can use it for simple automation, cell formatting, or do even more complicated tasks like reach out to external websites and pull information. This malware focused on the latter.

[Ronnie] used the alt + F11 shortcut to view the macros. Unfortunately the attackers had password protected them. [Ronnie] wouldn’t be able to view the macro code without knowing the password. Luckily, he learned of a surprisingly simple trick to completely bypass the macro password. He opened up the .xls file in Notepad++ and located three keys; CMG, DPB, and G. [Ronnie] then created and saved a new blank .xls document and password protected the macros with his own password. He opened up this new file in Notepad++ as well, and located those same three keys. He copied the keys from the new file into the old one, and saved the old file. This effectively changed the password of the malware file to the new one he had set for his new file. This is a nifty trick that apparently only works on the older .xls formats, not the newer .xlsx format.

After loading the macros, [Ronnie] quickly noticed that most of the code was obfuscated to make it difficult to analyze. There were, however, three named modules that reference possible sandbox evasion techniques. The malware first invokes these functions to detect the presence of a virtual machine or other type of sandbox. If it detects nothing, then the rest of the malware program is decoded and executed. [Ronnie] removed these checks and then executed the macro to verify that his change had worked.

The next step was to try to view the decoded instructions. The decoded gibberish was saved to a variable. The simplest way for [Ronnie] to view the contents of the variable was to have the program create a pop-up box that displayed the contents of that variable. After making this change and running the program again, he was able to see exactly what the malware was doing. The code actually invoked Powershell, downloaded a file from the Internet, and then extracted and executed that file. In the full write-up, [Ronnie] goes even further by downloading and analyzing the executable.